Blizzard has posted a message in response to the perception that recent reports of account hacking in Diablo III represent an uptick in such incidents. They say the number of compromised accounts does not represent anything unusual for their games, and that they continue to recommend the use of the Battle.net Authenticator or the Battle.net Mobile Authenticator for best security of your Battle.net account:

We'd like to take a moment to address the recent reports that suggested that Battle.net® and Diablo® III may have been compromised. Historically, the release of a new game -- such as a World of Warcraft® expansion -- will result in an increase in reports of individual account compromises, and that's exactly what we're seeing now with Diablo III. We know how frustrating it can be to become the victim of account theft, and as always, we're dedicated to doing everything we can to help our players keep their Battle.net accounts safe -- and we appreciate everyone who's doing their part to help protect their accounts as well. You can read about ways to help keep your account secure, along with some of the internal and external measures we have in place to help us achieve our security goals, at our account security website here: www.battle.net/security.

We also wanted to reassure you that the Battle.net Authenticator and Battle.net Mobile Authenticator (a free app for iPhone and Android devices) continue to be some of the most effective measures we offer to help players protect themselves against account compromises, and we encourage everyone to take advantage of them. In addition, we also recently introduced a new service called Battle.net SMS Protect, which allows you to use your text-enabled cell phone to unlock a locked Battle.net account, recover your account name, approve a password reset, or remove a lost Authenticator. Optionally, you can set up the Battle.net SMS Protect system to send you a text message whenever unusual activity is detected on your account, keeping you aware of important (and possibly unwanted) changes.

We also have other measures built into Battle.net to help protect players. Occasionally, when Battle.net detects unusual login activity that differs from your normal behavior -- such as logging in from an unfamiliar location -- we may prompt you for additional information (such as the answer to one of your security questions) and/or require you to perform a password reset through the Battle.net website. World of Warcraft players might be familiar with this security method already, and Diablo III players may begin to encounter it as well.

CJ_Parker wrote on May 23, 2012, 05:37:Jeez what a load of BS. You clearly have absolutely no clue what the fuck you are even talking about. The icing on the cake is that you come across as some wannabe high horse intelligent elite when in reality your post is one of the most retarded anti-factual write-ups to be witnessed on here in a long time. An amazing display of arrogance and stupidity. Well played, Sir.

Sheeeesh...;)

Be aware that your display of "ignorance and stupidity" just topped mine, and by a landslide margin. Your problem is likely that you don't understand the simple post I've made and this inability to communicate with the outside world fills you with rage and causes you to vomit up irrational personal insults. That about it? Heh...;)

If you can't do better than to hurl idiotic insults then please--say nothing. OK?

Anyway, you may want to look up how trojan horses and keyloggers are used to hack "individual systems in people's homes". That's what the vast majority of these account hacks are like. Some dumbass downloads "diablo3infinitegold.exe" and contracts a keylogger either by directly downloading and installing the infected file or by means of a drive-by infection. Hacker then remotely receives account credentials. Hacker logs into victim's account using these credentials and does whatever they're after, i.e. steal gold or items, delete the character, whatever...

OK, you have outlined exactly one way it might happen. You know, if it had happened to maybe *one person*, maybe *one time*--I might even agree with you.

That's your theory? Let's see, as I told another guy, we live in an age where banks and credit-card companies and US Government files and police stations and tech companies like Valve (who has been hacked twice, IIRC) have all been hacked by 16 year-olds. Yet you want to allege that Blizzard is invulnerable and can't be hacked. The most logical assumption is that Blizzard has been hacked--either from the outside or an employee inside--and that this is the only credible source for all of this information.

Keyloggers are old hat, guy. "Drive-by" infections--that's pretty good--I'll have to remember that the next time I want to tell the owner of a computer that the reason his Battlenet account has been hacked is because he did it to himself, because he's such a dunce. You do realize that with the right kind of firewall it wouldn't matter if someone had slipped in a keylogger?--it would get blocked and couldn't do anything or go anywhere. If someone gets a dose of malware so powerful that it takes over his machine and refuses to be blocked, among other things, then even an inexperienced person will know to format C:\ and reinstall, if that's what it takes.

You cannot categorically say that all of these cases stem from "keyloggers" (so retro) and users too dumb to properly wipe their noses. Seriously guy, if they are that clueless, how do they play the game? They shouldn't be able to figure out the rules...;)

No one who is only after account credentials hacks Blizzard's (well protected, well monitored) servers directly. There may be hacker groups (like the infamous 'Anonymous') who have made it a sport to try to break into Blizzard's backbone or to disturb their services via (D)DOS attacks but the goal of these direct high level attacks is totally different from your regular small scale account theft.

What happens a lot is that somebody inside the company wants to make some pretty good money so he sells some crucial info to interested parties. That's one way it happens--and it happens in a lot of situations. As I mentioned, Valve has a bunch of "well-monitored, well-protected" servers--and Valve got hacked--info was taken--it was not merely a DoS, either. Same thing has happened to the "well-protected, well-monitored" servers at banks, hospitals, credit-card companies, PayPal--the list is impressive. None of those were DoS attacks, either.

My premise is simple: It is Blizzard's responsibility to ensure that its customers' account security is maintained. It is just that simple. You can hold Blizzard's customers accountable if you wish--in that case, the situation will never be remedied and it will just get worse. Or, you can demand (if you are a paying customer) that Blizzard protect its customers' accounts--and this is a solution that I think will ultimately work. In fact, it's the only solution I see that has a prayer of working.

Just about everything you wrote is therefore 100% bullshit.

Nah...;) You just got confused and meant to describe your own post. It's not your fault, though, because I reached over and installed a keylogger when you weren't looking! Your fault! Bzzz-z-z-zt! What I did to you was your fault, right?

It is well known that I do not make mistakes--so if you should happen across a mistake in anything I have written, be assured that I did not write it!